On the power of Simple Branch Prediction Analysis

eProceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ASIACCS '07

Volumn , Issue , 2007, Pages 312-320

  Aciiçmez, Onur ^a   Koç, Çetin Kaya ^a,b   Seifert, Jean Pierre ^c,d  

^a Oregon State University   (United States)

^b ISTANBUL COMMERCE UNIVERSITY   (Turkey)

^c UNIVERSITY OF HAIFA   (Israel)

^d UNIVERSITY OF INNSBRUCK   (Austria)

Author keywords

Branch prediction analysis; Modular exponentiation; RSA; Side channel analysis

Indexed keywords

BRANCH PREDICTION; COMPUTATION PROCESS; MODULAR EXPONENTIATION; PARTITIONING METHODS; RANDOMIZATION TECHNIQUES; RSA; SECURITY IMPLICATIONS; SIDE-CHANNEL ANALYSIS;

FORECASTING; PERSONAL COMPUTERS;

SECURITY OF DATA;

EID: 84876307879     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1229285.1266999     Document Type: Conference Paper

References (41)

1. O. Aciiçmez, J.-P. Seifert, and Ç. K. Koç. Predicting secret keys via branch prediction. Topics in Cryptology - CT-RSA 2007, The Cryptographers' Track at the RSA Conference 2007, to appear.
2. D. J. Bernstein. Cache-timing attacks on AES. Technical Report, 37 pages, April 2005. Available at: http://cr.yp.to/antiforgery/cachetiming-20050414.pdf
3. David Brumley, Dan Boneh, Remote timing attacks are practical, Proceedings of the 12th conference on USENIX Security Symposium, p.1-1, August 04-08, 2003, Washington, DC
4. Y. Chen, P. England, M. Peinado, and B. Willman. High Assurance Computing on Open Hardware Architectures. Technical Report, MSR-TR-2003-20, 17 pages, Microsoft Corporation, March 2003. Available at: ftp://ftp.research.microsoft. com/pub/tr/tr-2003-20.ps
5. Benoît Chevallier-Mames, Mathieu Ciet, Marc Joye, Low-Cost Solutions for Preventing Simple Side-Channel Analysis: Side-Channel Atomicity, IEEE Transactions on Computers, v.53 n.6, p.760-768, June 2004 [doi: 10.1109/TC.2004.13]
6. Jean-Sebastien Coron, David Naccache, Paul Kocher, Statistics and secret leakage, ACM Transactions on Embedded Computing Systems (TECS), v.3 n.3, p.492-508, August 2004 [doi: 10.1145/1015047.1015050]
7. Jean-François Dhem, François Koeune, Philippe-Alexandre Leroux, Patrick Mestré, Jean-Jacques Quisquater, Jean-Louis Willems, A Practical Implementation of the Timing Attack, Proceedings of the The International Conference on Smart Card Research and Applications, p.167-182, September 14-16, 1998
8. Paul England, Butler Lampson, John Manferdelli, Marcus Peinado, Bryan Willman, A Trusted Open Platform, Computer, v.36 n.7, p.55-62, July 2003 [doi: 10.1109/MC.2003.1212691]
9. S. Gochman, R. Ronen, I. Anati, A. Berkovits, T. Kurts, A. Naveh, A. Saeed, Z. Sperber, and R. Valentine. The Intel Pentium M processor: Microarchitecture and performance. Intel Technology Journal, volume 7, issue 2, May 2003.
10. D. Grawrock. The Intel Safer Computing Initiative: Building Blocks for Trusted Computing, Intel Press, 2006.
11. N. A. Howgrave-Graham, N. P. Smart, Lattice Attacks on Digital Signature Schemes, Designs, Codes and Cryptography, v.23 n.3, p.283-290, August 2001 [doi: 10.1023/A:1011214926272]
12. Jim Handy, The cache memory book (2nd ed.): the authoritative reference on cache design, Academic Press, Inc., Orlando, FL, 1998
13. G. Hinton, D. Sager, M. Upton, D. Boggs, D. Carmean, A. Kyker, and P. Roussel. The Microarchitecture of the Pentium 4 Processor. Intel Technology Journal, volume 5, issue 1, Feb. 2001.
14. Wei-Ming Hu, Lattice Scheduling and Covert Channels, Proceedings of the 1992 IEEE Symposium on Security and Privacy, p.52, May 04-06, 1992
15. Marc Joye, Karine Villegas, A protected division algorithm, Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference, p.8-8, November 21-22, 2002, San Jose, CA
16. Marc Joye, Sung-Ming Yen, The Montgomery Powering Ladder, Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems, p.291-302, August 13-15, 2002
17. H. Kahl. SPA-based attack against the modular reduction within a partially secured RSA-CRT implementation. Cryptology ePrint Archive, Report 2004/197, 2004, http://eprint.iacr.org/197.pdf.
18. Paul C. Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology, p.104-113, August 18-22, 1996
19. Rita Mayer-Sommer, Smartly Analyzing the Simplicity and the Power of Simple Power Analysis on Smartcards, Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems, p.78-92, August 17-18, 2000
20. Alfred J. Menezes, Scott A. Vanstone, Paul C. Van Oorschot, Handbook of Applied Cryptography, CRC Press, Inc., Boca Raton, FL, 1996
21. Milena Milenkovic, Aleksandar Milenkovic, Jeffrey Kulick, Microbenchmarks for determining branch predictor organization, Software-Practice & Experience, v.34 n.5, p.465-487, April 2004 [doi: 10.1002/spe.v34:5]
22. M. Neve and J.-P. Seifert. Advances on Access-driven Cache Attacks on AES. Proceedings of Selected Area of Cryptology (SAC 2006), Montreal, Canada, August 2006, to appear at Springer LNCS.
23. P. Q. Nguyen and I. E. Shparlinski. The Insecurity of the Digital Signature Algorithm with Partially Known Nonces. Journal of Cryptology, vol. 15, no. 3, pp. 151176, Springer, 2002.
24. Phong Q. Nguyen, Igor E. Shparlinski, The Insecurity of the Elliptic Curve Digital Signature Algorithm with Partially Known Nonces, Designs, Codes and Cryptography, v.30 n.2, p.201-217, September 2003 [doi: 10.1023/A: 1025436905711]
25. Openssl: the open-source toolkit for ssl / tls. Available online at http://www.openssl.org/.
26. D. A. Osvik, A. Shamir, and E. Tromer. Other People's Cache: Hyper Attacks on HyperThreaded Processors. Presentation available at: http://www.wisdom.weizmann.ac.il/~tromer/.
27. D. A. Osvik, A. Shamir, and E. Tromer. Cache Attacks and Countermeasures: The Case of AES. Topics in Cryptology - CT-RSA 2006, The Cryptographers' Track at the RSA Conference 2006, D. Pointcheval, editor, pages 1-20, Springer-Verlag, LNCS vol. 3860, 2006.
28. David A. Patterson, John L. Hennessy, Computer architecture: a quantitative approach, Morgan Kaufmann Publishers Inc., San Francisco, CA, 1990
29. Siani Pearson, Trusted Computing Platforms: TCPA Technology in Context, Prentice Hall PTR, Upper Saddle River, NJ, 2002
30. C. Percival. Cache missing for fun and profit. BSDCan 2005, Ottawa, 2005. Available at: http://www.daemonology.net/hyperthreading-considered-harmful/
31. Charles P. Pfleeger, Shari Lawrence Pfleeger, Security in Computing, Prentice Hall Professional Technical Reference, 2002
32. Eric Rotenberg, Steve Bennett, James E. Smith, Trace cache: a low latency approach to high bandwidth instruction fetching, Proceedings of the 29th annual ACM/IEEE international symposium on Microarchitecture, p.24-35, December 02-04, 1996, Paris, France
33. Werner Schindler, A Timing Attack against RSA with the Chinese Remainder Theorem, Proceedings of the Second International Workshop on Cryptographic Hardware and Embedded Systems, p.109-124, August 17-18, 2000
34. Tom Shanley, The Unabridged Pentium 4: IA32 Processor Genealogy, Pearson Education, 2004
35. Abraham Silberschatz, Operating Systems Concepts, John Wiley & Sons, 2005
36. J. Shen and M. Lipasti. Modern Processor Design: Fundamentals of Superscalar Processors. McGraw-Hill, 2005.
37. O. Sibert, P. A. Porras, R. Lindell, The Intel 80×86 Processor Architecture: Pitfalls for Secure Systems, Proceedings of the 1995 IEEE Symposium on Security and Privacy, p.211, May 08-10, 1995
38. Sean W. Smith, Trusted Computing Platforms: Design and Applications, Springer-Verlag New York, Inc., Secaucus, NJ, 1899
39. Trusted Computing Group, http://www.trustedcomputinggroup.org.
40. Rich Uhlig, Gil Neiger, Dion Rodgers, Amy L. Santoni, Fernando C. M. Martins, Andrew V. Anderson, Steven M. Bennett, Alain Kagi, Felix H. Leung, Larry Smith, Intel Virtualization Technology, Computer, v.38 n.5, p.48-56, May 2005 [doi: 10.1109/MC.2005.163]
41. C. D. Walter. Montgomery Exponentiation Needs No Final Subtractions. IEE Electronics Letters, volume 35, number 21, pages 1831-1832, October 1999.